Lucene search

7 matches found

Vulnrichment
added 2026/04/17 8:51 p.m. | 1 view

CVE-2026-40301 rhukster/dom-sanitizer: SVG <style> tag allows CSS injection via unfiltered url() and @import directives

DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize allows <style> elements in SVG content but never inspects their text content. CSS url references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to...

CVSS 4.7 | AI score 5.7 | EPSS 0.00034
Exploits: 0 | References: 3

OSV
added 2018/10/29 12:29 p.m. | 1 view

CVE-2018-18702

spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=importrule because the upfile content is base64 decoded, deserialized, and used for database insertion...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 1

OSV
added 2016/07/23 7:59 p.m. | 1 view

CVE-2016-5127

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...

CVSS 7.5 | AI score 7.2
Exploits: 0 | References: 14

OpenVAS
added 2010/12/31 12:0 a.m. | 35 views

Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability

This host has installed with Internet Explorer and is prone to Use-after-free Vulnerability. This NVT has been replaced by NVT secpodms11-003.nasl OID:1.3.6.1.4.1.25623.1.0.901180. OpenVAS Vulnerability Test $Id: secpodmsieuseafterfreedosvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Microsoft...

CVSS 9.3 | AI score 0.3 | EPSS 0.856
Exploits: 9 | References: 3

OpenVAS
added 2010/12/31 12:0 a.m. | 34 views

Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability

This host has installed with Internet Explorer and is prone to a use after free vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901180. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced...

CVSS 9.3 | AI score 9.5 | EPSS 0.856
Exploits: 9 | References: 3

Prion
added 2010/12/22 9:0 p.m. | 18 views

Memory corruption

Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets CSS parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash vi...

CVSS 9.3 | AI score 8.1 | EPSS 0.856
Exploits: 9 | References: 16 | Affected Software: 1

NVD
added 2010/09/17 6:0 p.m. | 19 views

CVE-2010-3324

The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scriptin...

CVSS 4.3 | AI score 5.1 | EPSS 0.26442
Exploits: 2 | References: 7